1. Field of the Invention
The present invention relates generally to computer network security and, more particularly, methods of and systems for using device identity as an authentication factor.
2. Description of the Related Art
The importance of security in computer networking whose presence reaches into nearly every facet of life today cannot be over-stated. There is a generally recognized trade-off between security and user convenience. For example, if a user's password is easy to remember, it's easy to guess. Some systems require that users change passwords from one randomly generated string to another every few weeks, thereby enhancing system security at the expense of user convenience. Other systems allow users to choose extremely simple passwords and keep them forever, enhancing user convenience at the expense of system security.
Security systems are often described in terms of the number of factors used to authenticate a particular user. For example, a typical username and password system is a two-factor authentication system in that each user must provide two pieces of information about themselves for authentication. Generally speaking, authentication systems with more factors are more secure than those with fewer factors. However, each additional factor requires more involvement of the user such that each increment of added security exacts a cost of increment user inconvenience.
What is needed is a way to add a factor for user authentication without increasing user inconvenience.